Changelog
*Sourced from [json's changelog](https://github.com/flori/json/blob/master/CHANGES.md).*
> ## 2013-02-04 (1.7.7)
> * Security fix for JSON create_additions default value and
> `JSON::GenericObject`. It should not be possible to create additions unless
> explicitely requested by setting the create_additions argument to true or
> using the JSON.load/dump interface. If `JSON::GenericObject` is supposed to
> be automatically deserialised, this has to be explicitely enabled by
> setting
> JSON::GenericObject.json_creatable = true
> as well.
> * Remove useless assert in fbuffer implementation.
> * Apply patch attached to https://github.com/flori/json/issues#issue/155
> provided by John Shahid , Thx!
> * Add license information to rubygems spec data, reported by Jordi Massaguer Pla .
> * Improve documentation, thx to Zachary Scott .
Commits
- [`d0a62f3`](https://github.com/flori/json/commit/d0a62f3ced7560daba2ad546d83f0479a5ae2cf2) Security fix create_additons/JSON::GenericObject
- [`771e08b`](https://github.com/flori/json/commit/771e08b7a96c5d4c962e3e2f258df2f680c60dc0) Merge remote-tracking branch 'github/master'
- [`9f1c4ca`](https://github.com/flori/json/commit/9f1c4ca07f68ddf3e71c3493e9ff6765a8d0f411) Document changes
- [`241622f`](https://github.com/flori/json/commit/241622f2a78f17ec9ed86cac992a44926e7a1133) fix a bug in the JRuby implementation. getInstanceVariable() can return a nul...
- [`99bdbf7`](https://github.com/flori/json/commit/99bdbf74d862503364cfe8f0af96764a67c754a1) Document changes
- [`12ce6b7`](https://github.com/flori/json/commit/12ce6b73377c8d15e1497c2c3c0f8fc1609329e0) Add license information to gemspec task
- [`d7b18ba`](https://github.com/flori/json/commit/d7b18ba149400971a1415468fd865f8d4794d789) Document changes
- [`ec2dced`](https://github.com/flori/json/commit/ec2dced48242a8ee679e55a13933f6aaf0fbdb47) Add license information to gemspec task
- [`112b956`](https://github.com/flori/json/commit/112b956236e06bcafc6854e52ba302d8cbe937fb) * lib/json.rb: Move module overview definition for rdoc
- [`856edb8`](https://github.com/flori/json/commit/856edb80ce8a1ca3671b8d76100f189f2baafc53) add license information to gemspecs
- Additional commits viewable in [compare view](https://github.com/flori/json/compare/v1.7.6...v1.7.7)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/opinsys/iivari/network/alerts).
dependabot[bot]
commented
4 years ago
Bumps json from 1.7.6 to 1.7.7.
Changelog
*Sourced from [json's changelog](https://github.com/flori/json/blob/master/CHANGES.md).* > ## 2013-02-04 (1.7.7) > * Security fix for JSON create_additions default value and > `JSON::GenericObject`. It should not be possible to create additions unless > explicitely requested by setting the create_additions argument to true or > using the JSON.load/dump interface. If `JSON::GenericObject` is supposed to > be automatically deserialised, this has to be explicitely enabled by > setting > JSON::GenericObject.json_creatable = true > as well. > * Remove useless assert in fbuffer implementation. > * Apply patch attached to https://github.com/flori/json/issues#issue/155 > provided by John ShahidCommits
- [`d0a62f3`](https://github.com/flori/json/commit/d0a62f3ced7560daba2ad546d83f0479a5ae2cf2) Security fix create_additons/JSON::GenericObject - [`771e08b`](https://github.com/flori/json/commit/771e08b7a96c5d4c962e3e2f258df2f680c60dc0) Merge remote-tracking branch 'github/master' - [`9f1c4ca`](https://github.com/flori/json/commit/9f1c4ca07f68ddf3e71c3493e9ff6765a8d0f411) Document changes - [`241622f`](https://github.com/flori/json/commit/241622f2a78f17ec9ed86cac992a44926e7a1133) fix a bug in the JRuby implementation. getInstanceVariable() can return a nul... - [`99bdbf7`](https://github.com/flori/json/commit/99bdbf74d862503364cfe8f0af96764a67c754a1) Document changes - [`12ce6b7`](https://github.com/flori/json/commit/12ce6b73377c8d15e1497c2c3c0f8fc1609329e0) Add license information to gemspec task - [`d7b18ba`](https://github.com/flori/json/commit/d7b18ba149400971a1415468fd865f8d4794d789) Document changes - [`ec2dced`](https://github.com/flori/json/commit/ec2dced48242a8ee679e55a13933f6aaf0fbdb47) Add license information to gemspec task - [`112b956`](https://github.com/flori/json/commit/112b956236e06bcafc6854e52ba302d8cbe937fb) * lib/json.rb: Move module overview definition for rdoc - [`856edb8`](https://github.com/flori/json/commit/856edb80ce8a1ca3671b8d76100f189f2baafc53) add license information to gemspecs - Additional commits viewable in [compare view](https://github.com/flori/json/compare/v1.7.6...v1.7.7)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/opinsys/iivari/network/alerts).